Head of Information Security Assurance
Head of Information Security and Assurance
My client, a financial services provider in the City, are actively looking for a Head of Information Security and Assurance to join their existing team. This is a newly created permanent position and will see you driving forward security strategy for the organisation as they continue to evolve into 2020. Ideally you will have substantial experience working in a highly regulated, financial services or payments focussed organisation.
- The Head of Information Security and Assurance provides oversight and assurance across the Information Security Framework, to help risk owners to improve their security controls and governance.
- Ensuring proper governance, risk management and compliance management of all IT systems and processes that support the business operation.
- Responsible for maintaining the ISO27001:2017 certification.
- Selection and implementation of the Information Security tooling suite across business operations.
Experience & knowledge
- Proven senior management experience operating across a C-level stakeholder group, in information security and/or counter-fraud over a minimum of 10 years.
- Significant professional experience in managing a team of information security and/or fraud investigation specialists.
- An understanding of Information Security Governance, Risk and Compliance policies, controls and best practice.
- Experience of IS risk frameworks and the management of these risks across a dynamic business.
- Significant professional knowledge of ISO27001.
- Experience of information security risk assessments, threat modelling and cyber security incident management.
- A sound understanding of cloud infrastructure, project management, development and DevOps within a fast-moving implementation environment.
- Proven leadership skills including performance management and improvement, measurement of KPIs, situational leadership, issue resolution, negotiation and motivating others.
- Demonstrable experience in a stakeholder-facing role.
- Previous experience of managing an Information Security Management System (ISMS).
- Awareness of regulatory requirements of the sector (e.g. PSD2).
- Demonstrable experience in identifying, classifying and managing security-related risks across an organisation.
- Ideally held an information security governance role within a financial organisation.
Please feel free to get in touch for an informal discussion - email@example.com